Configuring the handling of SCIM delete requests - PingFederate

Configuring the handling of SCIM delete requests - PingFederate - 10.0

PingFederate Server

bundle

pingfederate-100

ft:publication_title

PingFederate Server

Product_Version_ce

PingFederate 10.0

category

Product

pf-100

pingfederate

ContentType_ce

Page created: 12 Sep 2019 |

Page updated: 19 Mar 2020

| 1 min read

PingFederate 10.0 Product Configuration User task Single Sign-on (SSO) Capability Administrator Audience Product documentation Content Type Software Deployment Method SCIM Standards, specifications, and protocols

Use this screen to define how SCIM delete requests are handled within your user datastore.

Important:

If the group support option is enabled, when PingFederate receives a SCIM delete request for a group, it always removes the specified group from the datastore.

Note:

This screen appears only if you are configuring an LDAP user store for provisioning.

Select Disable User to make the user inactive within the datastore. This approach might be preferred in situations where accounts must be retained for auditing reasons.

In order to be SCIM compliant when deleting users, PingFederate returns an HTTP 404 response code for all subsequent operations related to the user-effectively treating the user as if they have been deleted from the LDAP user store (see the SCIM specifications).
CAUTION:
If the user is disabled through another method, PingFederate still treats that user as if they have been deleted and returns HTTP 404 response codes for all subsequent requests.
Select Permanently Delete User to remove the user from the datastore.